Getting the analytics right for GDPR compliance – and beyond

The challenges of complying with the European Union’s new General Data Protection Regulation (GDPR) are clear: Every organization serving customers in the EU — including organizations outside the EU that offer goods or services to individuals within it — will need to comply with new data privacy rules by May 2018.

The clock is ticking, and failure to comply could trigger EU fines of €20 million or up to 4 percent of global annual revenue, whichever is higher. Yet in the face of such sweeping regulations, it’s time to think beyond compliance. Leading organizations will find new ways of managing data, away from the fragmented silos and governance created from disparate quick-win efforts. Instead, they’ll improve information governance overall to achieve better outcomes through analytics.

To be sure, timely compliance is a big, complex task. In reality, few organizations will be fully ready come May 2018. Among other things, they’ll need to identify the relevant personal data they already have, where they have that data stored, why they have it, and whether they truly need to keep that data around.

That may sound straightforward. But for any large, multinational organization with multiple databases, diverse data types and geographically dispersed storage systems, GDPR compliance will likely be a challenging task.

Beyond compliance

Still, there are opportunities to be gained from this exercise, such as combining the same information governance required by GDPR with business analytics. This proactive approach will allow organizations to leverage actionable business insights on an enterprise scale.

Seen this way, your GDPR compliance will be but a first step toward a more dramatic digital transformation, leading to better business outcomes. The benefits of moving beyond GDPR compliance can include:

  • Better outcomes: Instead of taking a “pure IT” approach to GDPR, activate IT as a strategic business enabler.
  • Improved data integrity: As part of your GDPR compliance, you’ll need to be able to erase and correct customer data on demand. But what if you have content sprinkled through repositories relating to a single business record or event? Then simply deleting data in one location could easily break your systems elsewhere. Instead, mesh your data for a true leverage.
  • Effective data leveraging: Once you’ve identified and managed customer data for GDPR compliance, you can use it for analytics, knowledge management, promoting customer transparency and trust, the creation of new strategies and more.

First steps

To get started leveraging GDPR compliance for analytic insights, you’ll first need to take decisive steps toward compliance. That means answering three important questions:

  • What personal data do we already hold?
  • Where is this data, both physically and logically?
  • Why do we have this data? And do we still need it?

Next, manage the process. Don’t just wait for subject access requests (SARs) from your customers. Instead, be proactive. For example, get rid of the guff. Pruning your data now will make GDPR compliance easier later. Don’t think you have much data to delete? Think again. We believe conservatively that up to 40 percent of all data is nonessential.

Perhaps the most important thing you can do is to get started soon. With the EU’s May 2018 deadline for GDPR compliance getting closer by the day, your organization cannot afford to wait. Be active and do it now.

Ready to accelerate your move to GDPR compliance and beyond? Visit us today at:

This blog post is the second in a three-part series, “Accelerating GDPR Compliance,” that explores the implications of the European Union’s new General Data Protection Regulation. See part 1, Accelerating GDPR compliance. And check back soon to view the final post on this important and far-reaching topic.

Grace CrossleyGrace Crossley is the European information governance practice lead at DXC Technology. With 20+ years of experience in information management and 13+ years in information governance experience, Grace is recognized as a worldwide competency lead for records and information management.





Accelerating GDPR readiness: Now’s the time to get started

Raising your Analytics IQ

Why big data is such a big deal now


  1. […] This post is the third in a three-part DXC blog series, “Accelerating GDPR Compliance,” exploring the implications of the European Union’s new General Data Protection Regulation. View Part 1, Accelerating GDPR readiness and Part 2, Getting analytics right for GDPR compliance – and beyond. […]

  2. […] Getting the analytics right for GDPR compliance – and beyond […]

  3. […] Getting the analytics right for GDPR compliance – and beyond […]

  4. […] Getting the analytics right for GDPR compliance – and beyond […]

  5. […] haben, sollten das sofort tun. „Das Wichtigste ist, dass Sie schnell loslegen“, mahnt Grace Crossley, European Information Governance Practice Lead bei DXC Technology, in ihrem Blog. Nachdem aller […]

  6. […] Daten, entscheidet es im nächsten Schritt, welche weiterverwendet und welche gelöscht werden. Grace Crossley von DXC Technology schätzt, dass gut 40 Prozent aller gespeicherten Daten obsolet sind. Wer sich ihrer entledigt, […]

  7. […] Getting the analytics right for GDPR compliance – and beyond […]

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.